CVE-2025-53558
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-31
Last updated on: 2025-07-31
Assigner: JPCERT/CC
Description
Description
ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. With the knowledge of the credential, an attacker may log in to the affected devices.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zte | zxhn-f660a | * |
| zte | zxhn-f660t | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-1391 | The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in ZXHN-F660T and ZXHN-F660A devices provided by ZTE Japan K.K., where a common credential is used for all installations. An attacker who knows this credential can log in to the affected devices without authorization.
How can this vulnerability impact me? :
If an attacker gains access to the affected devices using the common credential, they can potentially control or manipulate the device, leading to unauthorized access, data compromise, or disruption of services.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70